Bug 52883 – Possible traceback in validator if UID != 0

Bug 52883 - Possible traceback in validator if UID != 0


Summary:	Possible traceback in validator if UID != 0

Status:	CLOSED FIXED

Product:	UCS@school
Classification:	Unclassified
Component:	Ucsschool-lib
Version:	UCS@school 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS@school 4.4 v9
Assigned To:	Tobias Wenzel
QA Contact:	Toni Röhmeyer

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2021-03-09 16:09 CET by Sönke Schwardt-Krummrich
Modified:	2021-03-24 14:13 CET (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	5: Blocking further progress on the daily work
User Pain:	0.143
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sönke Schwardt-Krummrich

2021-03-09 16:09:26 CET

In /usr/share/pyshared/ucsschool/lib/models/validator.py:67 the logger variable
private_data_logger is only defined if os.geteuid() == 0
→ if any other user uses the UCS@school library, private_data_logger is undefined
→ in validate() in /usr/share/pyshared/ucsschool/lib/models/validator.py:494 the 
  private_data_logger is used in "if private_data_logger:" which will cause a 
  NameError exception

Comment 2 Daniel Tröder

2021-03-11 09:47:27 CET

Added a test: [4.4 50d82f25c] Bug #52883: test validation with uid != 0

Comment 3 Toni Röhmeyer

2021-03-18 11:22:40 CET

Solved issue with commits

4.4:
0828b3545 [troehmey/bug52883_undefined_private_logger] Bug #52883: fix undefined private_data_logger

kelvin:
9fde3a622 [troehmey/kelvin/bug52883] Bug #52883: fix undefined private_data_logger

Comment 4 Tobias Wenzel

2021-03-18 11:53:13 CET

QA → All OK → REOPEN for merge & build in 4.4 & merge in kelvin

code changes in 4.4 → OK
code changes in feature/kelvin branch → OK

before fix:
NameError: global name 'private_data_logger' is not defined

after fix
test passes → OK

and of course the rest of the validation tests, too


as discussed, the test is not needed in kelvin because the code is always 
executed as root there

Comment 5 Toni Röhmeyer

2021-03-18 12:19:02 CET

Merged and build to 4.4 with:

6734b63de Bug #52883: added yaml
78e4e8658 Bug #52883: add changelog entry
8c689b0fe Bug #52883: Merge branch 'troehmey/bug52883_undefined_private_logger' into 4.4

Successful build:

Package: ucs-school-lib
Version: 12.2.12A~4.4.0.202103181206
Branch: ucs_4.4-0
Scope: ucs-school-4.4


Merged Kelvin branch:

14097d77e Bug #52883: Merge branch 'troehmey/kelvin/bug52883' into feature/kelvin

Comment 6 Tobias Wenzel

2021-03-18 13:41:54 CET

QA → All OK → VERIFY

changelog → OK
yaml/version → OK
merges → OK
test pass → OK
functionality → OK

Comment 7 Tobias Wenzel

2021-03-24 14:13:25 CET

UCS@school 4.4 v9 has been released.

https://docs.software-univention.de/changelog-ucsschool-4.4v9-de.html

If this error occurs again, please clone this bug.